package net.shibboleth.idp.cas.flow.impl;

import java.net.URI;
import java.security.cert.CertificateException;
import java.time.Instant;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.cas.config.ValidateConfiguration;
import net.shibboleth.idp.cas.protocol.ProtocolError;
import net.shibboleth.idp.cas.protocol.TicketValidationRequest;
import net.shibboleth.idp.cas.protocol.TicketValidationResponse;
import net.shibboleth.idp.cas.proxy.ProxyValidator;
import net.shibboleth.idp.cas.ticket.ServiceTicket;
import net.shibboleth.idp.cas.ticket.Ticket;
import net.shibboleth.idp.cas.ticket.TicketService;
import net.shibboleth.idp.cas.ticket.TicketState;
import org.mockito.Mockito;
import org.opensaml.profile.context.ProfileRequestContext;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/cas/flow/impl/ValidateProxyCallbackActionTest.class */
public class ValidateProxyCallbackActionTest extends AbstractFlowActionTest {
    private Object nullObj;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Test
    public void testValidateProxySuccess() throws Exception {
        TicketService ticketService = this.ticketService;
        if (!$assertionsDisabled && ticketService == null) {
            throw new AssertionError();
        }
        ValidateProxyCallbackAction validateProxyCallbackAction = new ValidateProxyCallbackAction(mockProxyAuthenticator((Exception) this.nullObj), ticketService);
        validateProxyCallbackAction.initialize();
        RequestContext newRequestContext = newRequestContext("https://test.example.org/");
        Assert.assertNull(validateProxyCallbackAction.execute(newRequestContext));
        TicketValidationResponse ticketValidationResponse = (TicketValidationResponse) validateProxyCallbackAction.getCASResponse(getProfileContext(newRequestContext));
        Assert.assertNotNull(ticketValidationResponse);
        Assert.assertNotNull(ticketValidationResponse.getPgtIou());
    }

    @Test
    public void testValidateProxyFailure() throws Exception {
        TicketService ticketService = this.ticketService;
        if (!$assertionsDisabled && ticketService == null) {
            throw new AssertionError();
        }
        ValidateProxyCallbackAction validateProxyCallbackAction = new ValidateProxyCallbackAction(mockProxyAuthenticator(new CertificateException()), ticketService);
        validateProxyCallbackAction.initialize();
        Event execute = validateProxyCallbackAction.execute(newRequestContext("https://test.example.org/"));
        if (!$assertionsDisabled && execute == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(execute.getId(), ProtocolError.ProxyCallbackAuthenticationFailure.name());
    }

    @Nonnull
    private static ProxyValidator mockProxyAuthenticator(@Nullable Exception exc) throws Exception {
        ProxyValidator proxyValidator = (ProxyValidator) Mockito.mock(ProxyValidator.class);
        if (!$assertionsDisabled && proxyValidator == null) {
            throw new AssertionError();
        }
        if (exc != null) {
            ((ProxyValidator) Mockito.doThrow(new Throwable[]{exc}).when(proxyValidator)).validate((ProfileRequestContext) Mockito.any(ProfileRequestContext.class), (URI) Mockito.any(URI.class));
        }
        return proxyValidator;
    }

    @Nonnull
    private static RequestContext newRequestContext(String str) {
        Instant now = Instant.now();
        if (!$assertionsDisabled && now == null) {
            throw new AssertionError();
        }
        Ticket serviceTicket = new ServiceTicket("ST-123-ABCCEF", "https://test.example.com/", now, false);
        serviceTicket.setTicketState(new TicketState("SessionID-123", "bob", now, "bob"));
        TicketValidationRequest ticketValidationRequest = new TicketValidationRequest("https://test.example.com/", "ST-123-ABCCEF");
        ticketValidationRequest.setPgtUrl(str);
        return new TestContextBuilder("https://www.apereo.org/cas/protocol/serviceValidate").addProtocolContext(ticketValidationRequest, new TicketValidationResponse()).addTicketContext(serviceTicket).addRelyingPartyContext("https://test.example.com/", true, new ValidateConfiguration()).build();
    }

    static {
        $assertionsDisabled = !ValidateProxyCallbackActionTest.class.desiredAssertionStatus();
    }
}
